Security threats CIOs should watch out for in 2017

Experts from Gartner, Check Point, Cisco and Symantec share their thoughts on the top security threats for this year, and what organisations should do to avoid them .

Cybersecurity will continue to be a challenge for CIOs and their IT teams this year as they have to keep up with rapid global digitalisation while ensuring that the organisation is secure. CIO Asia spoke to industry experts to find out the top security threats for 2017, and what organisations can do to avoid becoming victims of such cyber attacks.

IoT security will be in the spotlight this year According to Gartner, more than half of major new business processes and systems will incorporate some element of IoT by 2020. As such, IT/security leaders need to think of ways to extend security to connected devices. "Similar to how printer servers were used for attacks several years ago, nearly everything in an enterprise is now connected to the internet and will need to be protected," according to Symantec.

"IoT will continue to pose security concerns, as manufacturers rush to bring new products to market despite a lack of global agreement as to how these devices should be properly secured. Researchers have already shown how a Tesla vehicle could be stolen by hacking into an owner's smartphone. And continuing the trend of malware being offered as a service, hackers have offered botnet armies for rent, giving subscribers the power to launch their own DDoS attacks," Tony Jarvis, Chief Strategist, Check Point Software, said.

Anmol Singh, Principal Research Analyst, Secure Business Enablement Group, Gartner, commented: "Existing security best practices are unable to handle IoT exposure. IoT edge networks and devices are highly diverse and use a lot of non-IT hardware and propriety protocols. Thus, extension of IT-based security approaches at the edge of IoT remains the greatest challenge for security practitioners on IoT."

"It is necessary that IoT security practitioners have a clear visibility of IoT assets, conduct appropriate threat assessment, and ensure the device hardware and software in use are attack-resistant and security-capable."

"High-risk IoT use cases will increasingly demand risk-adaptive authentication methods that not only are adaptive to varied levels of security risks presented throughout an IoT device's life span, but also are supportive of the performance, scalability and availability requirements of IoT," he added.